Protecting Web Services from Remote Exploit code: A Static Analysis Approach
Xinran Wang
Pennsylvania State University, University Park, PA 16802 USA
xinrwang@cse.psu.edu
Yoon-Chan Jhi
Pennsylvania State University, University Park, PA 16802 USA
jhi@cse.psu.edu
Sencun Zhu
Pennsylvania State University, University Park, PA 16802 USA
szhu@cse.psu.edu
Peng Liu
Pennsylvania State University, University Park, PA 16802 USA
pliu@ist.psu.edu
Abstract:
We propose STILL, a signature-free
remote exploit binary code injection attack blocker to protect web
servers and web applications. STILL is robust to almost all
anti-signature, anti-static-analysis and anti-emulation obfuscation.
Categories and Subject Descriptors: C.2.0 [Computer-Communication Networks]: General - Security and protection.